Commit a38386f0 authored by Clément OUDOT's avatar Clément OUDOT
Browse files

New doc

parent a2806253
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:activedirectoryminihowto</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,activedirectoryminihowto"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="activedirectoryminihowto.html"/>
<link rel="contents" href="activedirectoryminihowto.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:activedirectoryminihowto","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="using_lemonldapng_with_active-directory">Using LemonLDAP::NG with Active-Directory</h1>
<div class="level1">
</div>
<!-- EDIT1 SECTION "Using LemonLDAP::NG with Active-Directory" [1-57] -->
<h2 class="sectionedit2" id="authentication_with_loginpassword">Authentication with login/password</h2>
<div class="level2">
<p>
To use Active Directory as LDAP backend, you must change few things in the manager :
</p>
<ul>
<li class="level1"><div class="li"> Use “Active Directory” as authentication, userDB and passwordDBbackends,</div>
</li>
<li class="level1"><div class="li"> Export sAMAccountName in a variable declared in <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">exported variables</a></div>
</li>
<li class="level1"><div class="li"> Change the user attribute to store in Apache logs <em>(“General Parameters » Logs » REMOTE_USER”)</em>: use the variable declared above</div>
</li>
</ul>
</div>
<!-- EDIT2 SECTION "Authentication with login/password" [58-494] -->
<h2 class="sectionedit3" id="authentication_with_kerberos">Authentication with Kerberos</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> Choose “Apache” as authentication module <em>(“General Parameters » Authentication modules » Authentication module”)</em></div>
</li>
<li class="level1"><div class="li"> <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Configure the Apache server</a> that host the portal to use the Apache Kerberos authentication module</div>
</li>
</ul>
</div>
<!-- EDIT3 SECTION "Authentication with Kerberos" [495-] --></div>
</body>
</html>
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:applications</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="applications.html"/>
<link rel="contents" href="applications.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:applications","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#known_supported_applications">Known supported applications</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#mail_agenda_groupware">Mail, Agenda, Groupware</a></div></li>
<li class="level2"><div class="li"><a href="#wiki">Wiki</a></div></li>
<li class="level2"><div class="li"><a href="#cms_portal_ecm">CMS, Portal, ECM</a></div></li>
<li class="level2"><div class="li"><a href="#bugtracker_service_management">Bugtracker, Service Management</a></div></li>
<li class="level2"><div class="li"><a href="#other">Other</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#frameworks">Frameworks</a></div></li>
<li class="level1"><div class="li"><a href="#connectors">Connectors</a></div></li>
<li class="level1"><div class="li"><a href="#saml_connectors">SAML connectors</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="applications">Applications</h1>
<div class="level1">
</div>
<!-- EDIT1 SECTION "Applications" [1-28] -->
<h2 class="sectionedit2" id="known_supported_applications">Known supported applications</h2>
<div class="level2">
<p>
Applications listed below are known to be easy to integrate in <abbr title="LemonLDAP::NG">LL::NG</abbr>. As <abbr title="LemonLDAP::NG">LL::NG</abbr> works like classic WebSSO (like Siteminder™), many other applications are easy to integrate.
</p>
</div>
<!-- EDIT2 SECTION "Known supported applications" [29-248] -->
<h3 class="sectionedit3" id="mail_agenda_groupware">Mail, Agenda, Groupware</h3>
<div class="level3">
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> OBM </th><th class="col1 centeralign"> Sympa </th><th class="col2 centeralign"> Zimbra </th><th class="col3 centeralign"> RoundCube </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/obm.html" class="media" title="documentation:2.0:applications:obm"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/sympa.html" class="media" title="documentation:2.0:applications:sympa"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/zimbra.html" class="media" title="documentation:2.0:applications:zimbra"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col3 centeralign"> <a href="applications/roundcube.html" class="media" title="documentation:2.0:applications:roundcube"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
</table></div>
<!-- EDIT4 TABLE [284-580] -->
</div>
<!-- EDIT3 SECTION "Mail, Agenda, Groupware" [249-581] -->
<h3 class="sectionedit5" id="wiki">Wiki</h3>
<div class="level3">
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Dokuwiki </th><th class="col1 centeralign"> Mediawiki </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/dokuwiki.html" class="media" title="documentation:2.0:applications:dokuwiki"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/mediawiki.html" class="media" title="documentation:2.0:applications:mediawiki"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
</table></div>
<!-- EDIT6 TABLE [598-764] -->
</div>
<!-- EDIT5 SECTION "Wiki" [582-765] -->
<h3 class="sectionedit7" id="cms_portal_ecm">CMS, Portal, ECM</h3>
<div class="level3">
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Drupal </th><th class="col1 centeralign"> Liferay </th><th class="col2 centeralign"> Alfresco </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/drupal.html" class="media" title="documentation:2.0:applications:drupal"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/liferay.html" class="media" title="documentation:2.0:applications:liferay"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/alfresco.html" class="media" title="documentation:2.0:applications:alfresco"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
</table></div>
<!-- EDIT8 TABLE [794-1029] -->
</div>
<!-- EDIT7 SECTION "CMS, Portal, ECM" [766-1030] -->
<h3 class="sectionedit9" id="bugtracker_service_management">Bugtracker, Service Management</h3>
<div class="level3">
<div class="table sectionedit10"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Bugzilla </th><th class="col1 centeralign"> GLPI </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/bugzilla.html" class="media" title="documentation:2.0:applications:bugzilla"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/glpi.html" class="media" title="documentation:2.0:applications:glpi"><img src="icons/kmultiple.png" class="media" alt="" width="100" /></a> </td>
</tr>
</table></div>
<!-- EDIT10 TABLE [1073-1229] -->
</div>
<!-- EDIT9 SECTION "Bugtracker, Service Management" [1031-1230] -->
<h3 class="sectionedit11" id="other">Other</h3>
<div class="level3">
<div class="table sectionedit12"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> GRR </th><th class="col1 centeralign"> phpLDAPadmin </th><th class="col2 centeralign"> LimeSurvey </th><th class="col3 centeralign"> SAP </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/grr.html" class="media" title="documentation:2.0:applications:grr"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/phpldapadmin.html" class="media" title="documentation:2.0:applications:phpldapadmin"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/limesurvey.html" class="media" title="documentation:2.0:applications:limesurvey"><img src="icons/kmultiple.png" class="media" title="LimeSurvey" alt="LimeSurvey" width="120" /></a> </td><td class="col3 centeralign"> <a href="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" class="media" title="http://help.sap.com/saphelp_nw70/helpdata/en/d0/a3d940c2653126e10000000a1550b0/frameset.htm" rel="nofollow"><img src="icons/kmultiple.png" class="media" title="SAP" alt="SAP" /></a> </td>
</tr>
</table></div>
<!-- EDIT12 TABLE [1248-1651] -->
</div>
<!-- EDIT11 SECTION "Other" [1231-1652] -->
<h2 class="sectionedit13" id="frameworks">Frameworks</h2>
<div class="level2">
<div class="table sectionedit14"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Java (Spring) </th><th class="col1 centeralign"> Python (Django) </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/spring.html" class="media" title="documentation:2.0:applications:spring"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/django.html" class="media" title="documentation:2.0:applications:django"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
</table></div>
<!-- EDIT14 TABLE [1677-1844] -->
</div>
<!-- EDIT13 SECTION "Frameworks" [1653-1845] -->
<h2 class="sectionedit15" id="connectors">Connectors</h2>
<div class="level2">
<div class="table sectionedit16"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> HTTP Auth-Basic </th><th class="col1 centeralign"> Tomcat </th><th class="col2 centeralign"> Nginx </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/authbasic.html" class="media" title="documentation:2.0:applications:authbasic"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/tomcat.html" class="media" title="documentation:2.0:applications:tomcat"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/nginx.html" class="media" title="documentation:2.0:applications:nginx"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td>
</tr>
<tr class="row2 roweven">
<th class="col0 centeralign" colspan="3"> Some applications using it </th>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> <a href="http://en.wikipedia.org/wiki/Outlook_Web_App" class="urlextern" title="http://en.wikipedia.org/wiki/Outlook_Web_App" rel="nofollow">Outlook Web App</a> <br/>
<a href="http://en.wikipedia.org/wiki/IBM_Lotus_iNotes" class="urlextern" title="http://en.wikipedia.org/wiki/IBM_Lotus_iNotes" rel="nofollow">IBM Lotus iNotes</a> </td><td class="col1 centeralign"> <a href="http://www.lambdaprobe.org" class="urlextern" title="http://www.lambdaprobe.org" rel="nofollow">Probe</a> <br/>
<a href="http://fr.lutece.paris.fr" class="urlextern" title="http://fr.lutece.paris.fr" rel="nofollow">Lutece</a> </td><td class="col2"> </td>
</tr>
</table></div>
<!-- EDIT16 TABLE [1870-2361] -->
</div>
<!-- EDIT15 SECTION "Connectors" [1846-2362] -->
<h2 class="sectionedit17" id="saml_connectors">SAML connectors</h2>
<div class="level2">
<div class="noteclassic">This requires to configure <abbr title="LemonLDAP::NG">LL::NG</abbr> as an <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML Identity Provider</a>.
</div><div class="table sectionedit18"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Google Apps </th><th class="col1 centeralign"> Cornerstone </th><th class="col2 centeralign"> SalesForce </th><th class="col3 centeralign"> simpleSAMLphp </th>
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 centeralign"> <a href="applications/googleapps.html" class="media" title="documentation:2.0:applications:googleapps"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td><td class="col1 centeralign"> <a href="applications/cornerstone.html" class="media" title="documentation:2.0:applications:cornerstone"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td><td class="col2 centeralign"> <a href="applications/salesforce.html" class="media" title="documentation:2.0:applications:salesforce"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td><td class="col3 centeralign"> <a href="applications/simplesamlphp.html" class="media" title="documentation:2.0:applications:simplesamlphp"><img src="icons/kmultiple.png" class="mediacenter" alt="" /></a> </td>
</tr>
<tr class="row2 roweven">
<th class="col0 centeralign"> NextCloud </th><th class="col1 leftalign"> </th><th class="col2 leftalign"> </th><th class="col3 leftalign"> </th>
</tr>
<tr class="row3 rowodd">
<td class="col0 centeralign"> <a href="applications/nextcloud.html" class="media" title="documentation:2.0:applications:nextcloud"><img src="icons/kmultiple.png" class="media" alt="" /></a> </td><td class="col1 leftalign"> </td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td>
</tr>
</table></div>
<!-- EDIT18 TABLE [2482-2957] -->
</div>
<!-- EDIT17 SECTION "SAML connectors" [2363-] --></div>
</body>
</html>
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:applications:alfresco</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,alfresco"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="alfresco.html"/>
<link rel="contents" href="alfresco.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:alfresco","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script>
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Presentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#alfresco1">Alfresco</a></div></li>
<li class="level2"><div class="li"><a href="#llng">LL::NG</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#other_resources">Other resources</a></div></li>
</ul>
</div>
</div>
<!-- TOC END -->
<h1 class="sectionedit1" id="alfresco">Alfresco</h1>
<div class="level1">
<p>
<img src="alfresco_logo.png" class="mediacenter" alt="" />
</p>
</div>
<!-- EDIT1 SECTION "Alfresco" [1-71] -->
<h2 class="sectionedit2" id="presentation">Presentation</h2>
<div class="level2">
<p>
<a href="https://www.alfresco.com/" class="urlextern" title="https://www.alfresco.com/" rel="nofollow">Alfresco</a> is an ECM/BPM software.
</p>
<p>
Since 4.0 release, it offers an easy way to configure <abbr title="Single Sign On">SSO</abbr> thanks to authentication subsystems.
</p>
<div class="noteimportant">If you use an older version, you need to refer to the following documentation: <a href="https://wiki.alfresco.com/wiki/SSO" class="urlextern" title="https://wiki.alfresco.com/wiki/SSO" rel="nofollow">https://wiki.alfresco.com/wiki/SSO</a>
</div>
</div>
<!-- EDIT2 SECTION "Presentation" [72-395] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
</div>
<!-- EDIT3 SECTION "Configuration" [396-422] -->
<h3 class="sectionedit4" id="alfresco1">Alfresco</h3>
<div class="level3">
<div class="notetip">The official documentation can be found here: <a href="http://docs.alfresco.com/4.0/tasks/auth-alfrescoexternal-sso.html" class="urlextern" title="http://docs.alfresco.com/4.0/tasks/auth-alfrescoexternal-sso.html" rel="nofollow">http://docs.alfresco.com/4.0/tasks/auth-alfrescoexternal-sso.html</a>
</div>
<p>
You need to find the following files in your Alfresco installation:
</p>
<ul>
<li class="level1"><div class="li"> <code>alfresco-global.properties</code> (ex: <code>tomcat/shared/classes/alfresco-global.properties</code>)</div>
</li>
<li class="level1"><div class="li"> <code>share-config-custom.xml</code> (ex: <code>tomcat/shared/classes/alfresco/web-extension/share-config-custom.xml</code>)</div>
</li>
</ul>
<p>
The first will allow to configure <abbr title="Single Sign On">SSO</abbr> for the alfresco webapp, and the other for the share webapp.
</p>
<p>
Edit first <code>alfresco-global.properties</code> and add the following:
</p>
<pre class="code file java">### SSO ###
authentication.<span class="me1">chain</span><span class="sy0">=</span>external1<span class="sy0">:</span>external
external.<span class="me1">authentication</span>.<span class="me1">enabled</span><span class="sy0">=</span><span class="kw2">true</span>
external.<span class="me1">authentication</span>.<span class="me1">defaultAdministratorUserNames</span><span class="sy0">=</span>
external.<span class="me1">authentication</span>.<span class="me1">proxyUserName</span><span class="sy0">=</span>
external.<span class="me1">authentication</span>.<span class="me1">proxyHeader</span><span class="sy0">=</span>Auth<span class="sy0">-</span>User
external.<span class="me1">authentication</span>.<span class="me1">userIdPattern</span><span class="sy0">=</span></pre>
<p>
Edit then <code>share-config-custom.xml</code> and uncomment the last part. In the <code>&lt;endpoint&gt;</code>, change <code>&lt;connector-id&gt;</code> value to <code>alfrescoHeader</code> and change the <code>&lt;userHeader&gt;</code> value to <code>Auth-User</code>:
</p>
<pre class="code file xml"> <span class="sc3"><span class="re1">&lt;config</span> <span class="re0">evaluator</span>=<span class="st0">&quot;string-compare&quot;</span> <span class="re0">condition</span>=<span class="st0">&quot;Remote&quot;</span><span class="re2">&gt;</span></span>
<span class="sc3"><span class="re1">&lt;remote<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;keystore<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;path<span class="re2">&gt;</span></span></span>alfresco/web-extension/alfresco-system.p12<span class="sc3"><span class="re1">&lt;/path<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;type<span class="re2">&gt;</span></span></span>pkcs12<span class="sc3"><span class="re1">&lt;/type<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;password<span class="re2">&gt;</span></span></span>alfresco-system<span class="sc3"><span class="re1">&lt;/password<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/keystore<span class="re2">&gt;</span></span></span>
&nbsp;
<span class="sc3"><span class="re1">&lt;connector<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;id<span class="re2">&gt;</span></span></span>alfrescoCookie<span class="sc3"><span class="re1">&lt;/id<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;name<span class="re2">&gt;</span></span></span>Alfresco Connector<span class="sc3"><span class="re1">&lt;/name<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;description<span class="re2">&gt;</span></span></span>Connects to an Alfresco instance using cookie-based authentication<span class="sc3"><span class="re1">&lt;/description<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;class<span class="re2">&gt;</span></span></span>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector<span class="sc3"><span class="re1">&lt;/class<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/connector<span class="re2">&gt;</span></span></span>
&nbsp;
<span class="sc3"><span class="re1">&lt;connector<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;id<span class="re2">&gt;</span></span></span>alfrescoHeader<span class="sc3"><span class="re1">&lt;/id<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;name<span class="re2">&gt;</span></span></span>Alfresco Connector<span class="sc3"><span class="re1">&lt;/name<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;description<span class="re2">&gt;</span></span></span>Connects to an Alfresco instance using header and cookie-based authentication<span class="sc3"><span class="re1">&lt;/description<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;class<span class="re2">&gt;</span></span></span>org.alfresco.web.site.servlet.SlingshotAlfrescoConnector<span class="sc3"><span class="re1">&lt;/class<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;userHeader<span class="re2">&gt;</span></span></span>Auth-User<span class="sc3"><span class="re1">&lt;/userHeader<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/connector<span class="re2">&gt;</span></span></span>
&nbsp;
<span class="sc3"><span class="re1">&lt;endpoint<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;id<span class="re2">&gt;</span></span></span>alfresco<span class="sc3"><span class="re1">&lt;/id<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;name<span class="re2">&gt;</span></span></span>Alfresco - user access<span class="sc3"><span class="re1">&lt;/name<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;description<span class="re2">&gt;</span></span></span>Access to Alfresco Repository WebScripts that require user authentication<span class="sc3"><span class="re1">&lt;/description<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;connector-id<span class="re2">&gt;</span></span></span>alfrescoHeader<span class="sc3"><span class="re1">&lt;/connector-id<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;endpoint-url<span class="re2">&gt;</span></span></span>http://localhost:8080/alfresco/wcs<span class="sc3"><span class="re1">&lt;/endpoint-url<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;identity<span class="re2">&gt;</span></span></span>user<span class="sc3"><span class="re1">&lt;/identity<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;external-auth<span class="re2">&gt;</span></span></span>true<span class="sc3"><span class="re1">&lt;/external-auth<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/endpoint<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/remote<span class="re2">&gt;</span></span></span>
<span class="sc3"><span class="re1">&lt;/config<span class="re2">&gt;</span></span></span></pre>
<p>
You need to restart Tomcat to apply changes.
</p>
<div class="notewarning">Now you can log in with a simple HTTP header. You need to restrict access to Alfresco to <abbr title="LemonLDAP::NG">LL::NG</abbr>.
</div>
</div>
<!-- EDIT4 SECTION "Alfresco" [423-3119] -->
<h3 class="sectionedit5" id="llng">LL::NG</h3>
<div class="level3">
<p>
Just set the <code>Auth-User</code> header with the attribute that carries the user login, for example <code>$uid</code>.
</p>
<p>
You can intercept the logout with this rule: <code>^/share/page/dologout ⇒ logout_app_sso</code>
</p>
</div>
<!-- EDIT5 SECTION "LL::NG" [3120-3332] -->
<h2 class="sectionedit6" id="other_resources">Other resources</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> <a href="https://www.youtube.com/watch?v=5tS0XrC_-rw" class="urlextern" title="https://www.youtube.com/watch?v=5tS0XrC_-rw" rel="nofollow">DevCon 2012: Unlocking the Secrets of Alfresco Authentication, Mehdi Belmekki</a></div>
</li>
</ul>
</div>
<!-- EDIT6 SECTION "Other resources" [3333-] --></div>
</body>
</html>
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:applications:authbasic</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,authbasic"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authbasic.html"/>
<link rel="contents" href="authbasic.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:authbasic","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script>
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="http_basic_authentication">HTTP Basic Authentication</h1>
<div class="level1">
<p>
<a href="http_logo.png_documentation_2.0_applications_authbasic.html" class="media" title="applications:http_logo.png"><img src="http_logo.png" class="mediacenter" alt="" /></a>
</p>
</div>
<!-- EDIT1 SECTION "HTTP Basic Authentication" [1-77] -->
<h2 class="sectionedit2" id="presentation">Presentation</h2>
<div class="level2">
<div class="noteimportant">For now, this feature is only supported by Apache handler.
</div>
<p>
Extract from the <a href="http://en.wikipedia.org/wiki/Basic_access_authentication" class="urlextern" title="http://en.wikipedia.org/wiki/Basic_access_authentication" rel="nofollow">Wikipedia article</a>:
</p>
<p>
<blockquote>
In the context of an HTTP transaction, the basic access authentication is a method designed to allow a web browser, or other client program, to provide credentials – in the form of a user name and password – when making a request.
</p>
<p>
Before transmission, the username and password are encoded as a sequence of base-64 characters. For example, the user name Aladdin and password open sesame would be combined as Aladdin:open sesame – which is equivalent to QWxhZGRpbjpvcGVuIHNlc2FtZQ== when encoded in Base64. Little effort is required to translate the encoded string back into the user name and password, and many popular security tools will decode the strings “on the fly”.
</blockquote>
</p>
<p>
So HTTP Basic Autentication is managed trough an HTTP header (<code>Authorization</code>), that can be forged by <abbr title="LemonLDAP::NG">LL::NG</abbr>, with this precautions:
</p>
<ul>
<li class="level1"><div class="li"> Data should not contains accents or special characters, as HTTP protocol only allow <abbr title="American Standard Code for Information Interchange">ASCII</abbr> values in header (but depending on the HTTP server, you can use ISO encoded values)</div>
</li>
<li class="level1"><div class="li"> You need to forward the password, which can be the user main password (if <a href="../passwordstore.html" class="wikilink1" title="documentation:2.0:passwordstore">password is stored in session</a>, or any user attribute (if you keep secondary passwords in users database).</div>
</li>
</ul>
</div>
<!-- EDIT2 SECTION "Presentation" [78-1535] -->
<h2 class="sectionedit3" id="configuration">Configuration</h2>
<div class="level2">
<p>
The Basic Authentication relies on a specific HTTP header, as described above. So you have just to declare this header for the virtual host in Manager.
</p>
<p>
For example, to forward login (<code>$uid</code>) and password (<code>$_password</code> if <a href="../passwordstore.html" class="wikilink1" title="documentation:2.0:passwordstore">password is stored in session</a>):
</p>
<pre class="code">Authorization =&gt; &quot;Basic &quot;.encode_base64(&quot;$uid:$_password&quot;)</pre>
<p>
<abbr title="LemonLDAP::NG">LL::NG</abbr> provides a special function named <a href="../extendedfunctions.html#basic" class="wikilink1" title="documentation:2.0:extendedfunctions">basic</a> to build this header.
</p>
<p>
So the above example can also be written like this:
</p>
<pre class="code">Authorization =&gt; basic($uid,$_password)</pre>
<div class="notetip">The <code>basic</code> function will also force conversion from UTF-8 to ISO-8859-1, which should be accepted by most of HTTP servers.
</div>
</div>
<!-- EDIT3 SECTION "Configuration" [1536-] --></div>
</body>
</html>
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:applications:bugzilla</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,bugzilla"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="bugzilla.html"/>
<link rel="contents" href="bugzilla.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="../lib/exe/css.php.t.bootstrap3.css"/>
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:bugzilla","namespace":"documentation:2.0:applications"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="../lib/exe/js.php.t.bootstrap3.js"></script>
</head>
<body>
<div class="dokuwiki export container">
<!-- TOC START -->
<div id="dw__toc">
<h3 class="toggle">Table of Contents</h3>
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#presentation">Presentation</a></div></li>
<li class="level1"><div class="li"><a href="#configuration">Configuration</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#bugzilla_administration">Bugzilla administration</a></div></li>
<li class="level2"><div class="li"><a href="#bugzilla_virtual_host">Bugzilla virtual host</a></div></li>
<li class="level2"><div class="li"><a href="#bugzilla_virtual_host_in_manager">Bugzilla virtual host in Manager</a></div></li>